Webby MCP Server

Instructions

Implementation Reference

• src/orchestrator/run-all.ts:186-207 (handler)

  Core handler function implementing the 'validate_all_security' tool logic. Orchestrates Mozilla Observatory and SSL Labs security analyses, combines results with summary.

  export async function runAllSecurity(
    url: string,
    options: SecurityTestOptions
  ): Promise<AllSecurityResult> {
    // Run both security tools
    const mozillaResult = await analyzeMozillaObservatory(url);
    const sslResult = options.sslLabs.waitForComplete
      ? await analyzeSSLLabsComplete(url, options.sslLabs)
      : await analyzeSSLLabs(url, options.sslLabs);
  
    return {
      url,
      timestamp: new Date().toISOString(),
      mozilla_observatory: mozillaResult,
      ssl_labs: sslResult,
      summary: {
        mozilla_grade: mozillaResult.grade,
        ssl_grade: sslResult.grade,
        overall_success: mozillaResult.success && (sslResult.success || sslResult.status !== 'ERROR'),
      },
    };
  }

• index.ts:271-283 (registration)

  MCP tool registration for 'validate_all_security', including name, description, and input schema.

  {
    name: 'validate_all_security',
    description: 'Run all security tests (Mozilla Observatory + SSL Labs).',
    inputSchema: {
      type: 'object',
      properties: {
        url: { type: 'string' },
        email: { type: 'string', description: 'Email for SSL Labs' },
        waitForSSL: { type: 'boolean', description: 'Wait for SSL Labs to complete' },
      },
      required: ['url', 'email'],
    },
  },

• index.ts:98-102 (schema)

  Zod schema for validating inputs to the validate_all_security tool.

  const AllSecurityArgsSchema = z.object({
    url: z.string().url(),
    email: z.string().email(),
    waitForSSL: z.boolean().optional(),
  });

• index.ts:423-432 (handler)

  Tool dispatcher case in the main CallToolRequestHandler that validates arguments and invokes runAllSecurity for 'validate_all_security'.

  case 'validate_all_security': {
    const validatedArgs = AllSecurityArgsSchema.parse(args);
    const result = await runAllSecurity(validatedArgs.url, {
      sslLabs: {
        email: validatedArgs.email,
        waitForComplete: validatedArgs.waitForSSL,
      },
    });
    return { content: [{ type: 'text', text: JSON.stringify(result, null, 2) }] };
  }

• src/orchestrator/run-all.ts:61-71 (schema)

  TypeScript interface defining the output structure of the validate_all_security tool.

  export interface AllSecurityResult {
    url: string;
    timestamp: string;
    mozilla_observatory: MozillaObservatoryResult;
    ssl_labs: SSLLabsResult;
    summary: {
      mozilla_grade: string;
      ssl_grade?: string;
      overall_success: boolean;
    };
  }